SlideShare ist ein Scribd-Unternehmen logo

HTTP request and response

Als PPTX, PDF herunterladen
S
Sahil Agarwal

HTTP Request and Response Reference : RFC 2616 - "Hypertext Transfer Protocol -- HTTP/1.1"

Technologie
1 von 19
HTTP Request and Response -Sahil Agarwal
HTTP Generic Message ● All of the communication between devices using the Hypertext Transfer Protocol takes place via HTTP messages. ● There are only two types of HTTP messages : requests and responses. ● HTTP messages are text-based and loosely based on RFC 822 and 2822 message standards, and MIME standards.
HTTP Generic Message Format The HTTP generic message format is as follows: <start-line> <message-headers> <empty-line> [<message-body>] [<message-trailers>]
HTTP Generic Message Format <start-line> The start line is a special text line that conveys the nature of the message. In a request, this line indicates the nature of the request, in the form of a method, as well as specifying a URI to indicate the resource that is the object of the request. Responses use the start line to indicate status information in reply to a request. <message-headers> There are many dozens of message headers defined in HTTP, which are organized into groups by function as we will soon see. Almost all of these are optional; the one exception is the Host header, which must be present in each request in HTTP/1.1. Headers may be sent in any order, and all follow the same header format used in e-mail messages: <header-name>: <header-value>
HTTP Generic Message Format [<message-body>] The message body is optional, because it is only needed for certain types of messages. It may carry a set of information to be communicated between the client and server, such as a detailed error message in a response. More commonly, when present, it carries a file or other resource, which is formally called an entity in the HTTP standard. Entities are most often found in the body of a response message, since most client requests ask for a server to send a file or other resource. However, they can also be found in certain requests.
HTTP Generic Message Format [<message-trailers>] HTTP/1.1 uses persistent connections by default, so messages are sent in a steady stream from client to server and server to client. This requires that some means be used to mark where one message ends and the next begins, which is usually accomplished in one of two ways. ● The first is using a special header that indicates the length of the message so the receiving device knows when the entire message has been received. ● The second is a method called “chunking”, where a message is broken into pieces for transmission and the length of each piece indicated in the message body. When chunking is done, a set of message trailers may follow the body of the message. Trailers are in fact the same as headers except for their position in the file, but may only be used for entity headers.
Request Format HTTP requests use a message format that is based on the generic message format, but specific to the needs of requests. <request-line> <general-headers> <request-headers> <entity-headers> <empty-line> [<message-body>] [<message-trailers>]
Request Format Request Line Format : <METHOD> <request-uri> <HTTP-VERSION> Example - GET /login HTTP/1.1 ● Method - The type of action that the client wants the server to take. ● Request URI - Uniform Resource Identifier ● HTTP Version - Tells the server what version of HTTP is the client using. Headers : ● General Headers ○ These refer mainly to the message itself, instead of it’s contents. ○ They are used to control its processing or provide the recipient with extra information. ● Request Headers ○ Contain information about the nature of the client’s request. They give client more control over how the request is to be handled. ○ Format, encodings etc. ● Entity Headers ○ They describe the entity contained in the body of the request, if any.
Response Format HTTP responses use a message format that is based on the generic message format, but specific to the needs of responses. <status-line> <general-headers> <response-headers> <entity-headers> <empty-line> [<message-body>] [<message-trailers>]
Response Format Status Line Format : <HTTP-VERSION> <status-code> <reason-phrase> Example - HTTP/1.0 200 OK ● HTTP Version - Tells the client what version of HTTP is the server using. ● Status Code - ○ A three-digit number that indicates the formal result that the server is communicating to the client. ○ Intended for the client HTTP implementation to process so the Headers : ● General Headers ○ These refer mainly to the message itself, instead of it’s contents. ● Response Headers ○ They provide additional data that expands upon the summary result information in the status line. ○ The server may also return extra result information in the body of the message, especially when an error occurs, ● Entity Headers ○ They describe the entity contained in the body of the response, if any.
What’s in an HTTP Request? Raw Information GET /login HTTP/1.1 Host: 127.0.0.1:5000 Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.106 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 Accept-Encoding: gzip, deflate, sdch Accept-Language: en-US,en;q=0.8
What’s in an HTTP Request? Source IP address, port and proxy ● Source IP address and Source port : In order to send the appropriate response back to your computer, the web server necessarily knows your computer's IP address and source port. ● Via and X-Forwarded-For: If the HTTP request includes the header "Via", or "X-Forwarded-For", then that's a strong indication that there is at least one proxy server somewhere along the line.
What’s in an HTTP Request? Destination IP address, port, host and protocol ● Destination IP address tells us where the server is located. ● Port tells us which port is being used to contact the server. ● Host - Since many websites can be hosted on a single server, we need this to identify our website. ● Protocol - The HTTP protocol being used. Eg - HTTP/1.1
What’s in an HTTP Request? ● Requested URI - This specifies which document is to be retrieved from the website. ● Request method and content - The type of action that the client wants the server to take. Eg - POST, GET. If POST was submitted as request method, then a form is submitted. The contents of this form would appear here.
What’s in an HTTP Request? User Agent - The User-Agent header describes your web browser. Typically it contains the browser name and version, your Operating System and version , and possibly additional information. Eg - User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.106 Safari/537.36 Accept Headers - These describe what sort of things the web browser can handle, and what it would prefer to be given if there's a choice. Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 Accept-Encoding: gzip, deflate, sdch Accept-Language: en-US,en;q=0.8
What’s in an HTTP Request? Referer: The "referer" header tells the page which document referred the user to it - in essence, if you followed a link to get to this page, it is the URL of the page you came from to get here. Cookie: ● Every time a web server provides you with a response (a page, a graphic, etc), it can send your browser a "cookie". These cookies are small pieces of information which your browser stores, and then sends back to that same web server whenever you subsequently request a document. ● The "contents" of the cookie (the data it contains) can only be made up of whatever information the web server already knew anyway.
What’s in an HTTP Request? Connection control Connection: keep-alive Keep-Alive: not present These headers are used to fine- tune the network traffic between you and the web server. They don't tell us much, except a little about the capabilities of your web browser. Cache control Pragma: not present Cache-Control: not present If-Modified-Since: not present These headers control cacheing of the document. By examining them the we can detect if you used your browser's "refresh" button to force the page to reload. For example, Mozilla (Netscape 6) sets "Cache-Control" to "max-age=0" when you use the "reload" button. MSIE 5.5 sets it to "no-cache" if you do a "hard" reload (while holding down the "control" key).
What’s in an HTTP Request? Authorisation Username: If you have "logged in" to a web site, your username appears here. This only applies to web sites which use proper HTTP authentication - a "login" window pops up and you get three chances to enter your username and password, otherwise you see a page which says "Authentication Required" or similar. It doesn't apply to web sites where the "login" is a separate page. It's also possible to supply the username and password in the URL you tell your browser to visit - for example, http://user:password@www.example.com/. In that case, the username would appear here too.
References ● RFC 2616 - "Hypertext Transfer Protocol -- HTTP/1.1"

Empfohlen

HTTP Basics
HTTP BasicsHTTP Basics
HTTP Basicssanjoysanyal
 
REST & RESTful Web Services
REST & RESTful Web ServicesREST & RESTful Web Services
REST & RESTful Web ServicesHalil Burak Cetinkaya
 
Introduction to Web Architecture
Introduction to Web ArchitectureIntroduction to Web Architecture
Introduction to Web ArchitectureChamnap Chhorn
 
Simple object access protocol(soap )
Simple object access protocol(soap )Simple object access protocol(soap )
Simple object access protocol(soap )balamurugan.k Kalibalamurugan
 
HyperText Transfer Protocol (HTTP)
HyperText Transfer Protocol (HTTP)HyperText Transfer Protocol (HTTP)
HyperText Transfer Protocol (HTTP)Gurjot Singh
 
HTTP Request and Response Structure
HTTP Request and Response StructureHTTP Request and Response Structure
HTTP Request and Response StructureBhagyashreeGajera1
 
HTTP Presentation
HTTP Presentation HTTP Presentation
HTTP Presentation Lana Dujanovic
 
Http Introduction
Http IntroductionHttp Introduction
Http IntroductionAkshay Dhole
 

Empfohlen

HTTP Basics
HTTP BasicsHTTP Basics
HTTP Basicssanjoysanyal
 
REST & RESTful Web Services
REST & RESTful Web ServicesREST & RESTful Web Services
REST & RESTful Web ServicesHalil Burak Cetinkaya
 
Introduction to Web Architecture
Introduction to Web ArchitectureIntroduction to Web Architecture
Introduction to Web ArchitectureChamnap Chhorn
 
Simple object access protocol(soap )
Simple object access protocol(soap )Simple object access protocol(soap )
Simple object access protocol(soap )balamurugan.k Kalibalamurugan
 
HyperText Transfer Protocol (HTTP)
HyperText Transfer Protocol (HTTP)HyperText Transfer Protocol (HTTP)
HyperText Transfer Protocol (HTTP)Gurjot Singh
 
HTTP Request and Response Structure
HTTP Request and Response StructureHTTP Request and Response Structure
HTTP Request and Response StructureBhagyashreeGajera1
 
HTTP Presentation
HTTP Presentation HTTP Presentation
HTTP Presentation Lana Dujanovic
 
Http Introduction
Http IntroductionHttp Introduction
Http IntroductionAkshay Dhole
 
Http request and http response
Http request and http responseHttp request and http response
Http request and http responseNuha Noor
 
Web design - How the Web works?
Web design - How the Web works?Web design - How the Web works?
Web design - How the Web works?Mustafa Kamel Mohammadi
 
Http
HttpHttp
HttpLuavis Kang
 
Simple Mail Transfer Protocol
Simple Mail Transfer ProtocolSimple Mail Transfer Protocol
Simple Mail Transfer ProtocolUjjayanta Bhaumik
 
Web services
Web servicesWeb services
Web servicesAkshay Ballarpure
 
HTTP
HTTPHTTP
HTTPvaibhavrai1993
 
Http protocol
Http protocolHttp protocol
Http protocolArpita Naik
 
World wide web architecture presentation
World wide web architecture presentationWorld wide web architecture presentation
World wide web architecture presentationImMe Khan
 
Web server
Web serverWeb server
Web serverNirav Daraniya
 
Hypertext transfer protocol and hypertext transfer protocol secure(HTTP and H...
Hypertext transfer protocol and hypertext transfer protocol secure(HTTP and H...Hypertext transfer protocol and hypertext transfer protocol secure(HTTP and H...
Hypertext transfer protocol and hypertext transfer protocol secure(HTTP and H...rahul kundu
 
Web Servers (ppt)
Web Servers (ppt)Web Servers (ppt)
Web Servers (ppt)webhostingguy
 
Introduction to PHP
Introduction to PHPIntroduction to PHP
Introduction to PHPKengatharaiyer Sarveswaran
 
Servlets
ServletsServlets
ServletsZainabNoorGul
 
Hypertext transfer protocol (http)
Hypertext transfer protocol (http)Hypertext transfer protocol (http)
Hypertext transfer protocol (http)Shimona Agarwal
 
Server Side Programming
Server Side ProgrammingServer Side Programming
Server Side ProgrammingMilan Thapa
 
Tcpip services and applications
Tcpip services and applicationsTcpip services and applications
Tcpip services and applicationsOnline
 
Servlet and servlet life cycle
Servlet and servlet life cycleServlet and servlet life cycle
Servlet and servlet life cycleDhruvin Nakrani
 
Webservices
WebservicesWebservices
WebservicesGerard Sylvester
 
Http
HttpHttp
HttpNITT, KAMK
 
Servlet life cycle
Servlet life cycleServlet life cycle
Servlet life cycleVenkateswara Rao N
 
HTTP
HTTPHTTP
HTTPTricode (part of Dept)
 
Hypertex transfer protocol
Hypertex transfer protocolHypertex transfer protocol
Hypertex transfer protocolwanangwa234
 

Weitere ähnliche Inhalte

Was ist angesagt?

Http request and http response
Http request and http responseHttp request and http response
Http request and http responseNuha Noor
 
Simple Mail Transfer Protocol
Simple Mail Transfer ProtocolSimple Mail Transfer Protocol
Simple Mail Transfer ProtocolUjjayanta Bhaumik
 
World wide web architecture presentation
World wide web architecture presentationWorld wide web architecture presentation
World wide web architecture presentationImMe Khan
 
Hypertext transfer protocol and hypertext transfer protocol secure(HTTP and H...
Hypertext transfer protocol and hypertext transfer protocol secure(HTTP and H...Hypertext transfer protocol and hypertext transfer protocol secure(HTTP and H...
Hypertext transfer protocol and hypertext transfer protocol secure(HTTP and H...rahul kundu
 
Hypertext transfer protocol (http)
Hypertext transfer protocol (http)Hypertext transfer protocol (http)
Hypertext transfer protocol (http)Shimona Agarwal
 
Server Side Programming
Server Side ProgrammingServer Side Programming
Server Side ProgrammingMilan Thapa
 
Tcpip services and applications
Tcpip services and applicationsTcpip services and applications
Tcpip services and applicationsOnline
 
Servlet and servlet life cycle
Servlet and servlet life cycleServlet and servlet life cycle
Servlet and servlet life cycleDhruvin Nakrani
 

Was ist angesagt? (20)

Http request and http response
Http request and http responseHttp request and http response
Http request and http response
 
Web design - How the Web works?
Web design - How the Web works?Web design - How the Web works?
Web design - How the Web works?
 
Http
HttpHttp
Http
 
Simple Mail Transfer Protocol
Simple Mail Transfer ProtocolSimple Mail Transfer Protocol
Simple Mail Transfer Protocol
 
Web services
Web servicesWeb services
Web services
 
HTTP
HTTPHTTP
HTTP
 
Http protocol
Http protocolHttp protocol
Http protocol
 
World wide web architecture presentation
World wide web architecture presentationWorld wide web architecture presentation
World wide web architecture presentation
 
Web server
Web serverWeb server
Web server
 
Hypertext transfer protocol and hypertext transfer protocol secure(HTTP and H...
Hypertext transfer protocol and hypertext transfer protocol secure(HTTP and H...Hypertext transfer protocol and hypertext transfer protocol secure(HTTP and H...
Hypertext transfer protocol and hypertext transfer protocol secure(HTTP and H...
 
Web Servers (ppt)
Web Servers (ppt)Web Servers (ppt)
Web Servers (ppt)
 
Introduction to PHP
Introduction to PHPIntroduction to PHP
Introduction to PHP
 
Servlets
ServletsServlets
Servlets
 
Hypertext transfer protocol (http)
Hypertext transfer protocol (http)Hypertext transfer protocol (http)
Hypertext transfer protocol (http)
 
Server Side Programming
Server Side ProgrammingServer Side Programming
Server Side Programming
 
Tcpip services and applications
Tcpip services and applicationsTcpip services and applications
Tcpip services and applications
 
Servlet and servlet life cycle
Servlet and servlet life cycleServlet and servlet life cycle
Servlet and servlet life cycle
 
Webservices
WebservicesWebservices
Webservices
 
Http
HttpHttp
Http
 
Servlet life cycle
Servlet life cycleServlet life cycle
Servlet life cycle
 

Ähnlich wie HTTP request and response

Hypertex transfer protocol
Hypertex transfer protocolHypertex transfer protocol
Hypertex transfer protocolwanangwa234
 
HTTPProtocol HTTPProtocol.pptHTTPProtocol.ppt
HTTPProtocol HTTPProtocol.pptHTTPProtocol.pptHTTPProtocol HTTPProtocol.pptHTTPProtocol.ppt
HTTPProtocol HTTPProtocol.pptHTTPProtocol.pptVietAnhNguyen337355
 
KMUTNB - Internet Programming 2/7
KMUTNB - Internet Programming 2/7KMUTNB - Internet Programming 2/7
KMUTNB - Internet Programming 2/7phuphax
 
Ch2 the application layer protocols_http_3
Ch2 the application layer protocols_http_3Ch2 the application layer protocols_http_3
Ch2 the application layer protocols_http_3Syed Ariful Islam Emon
 
Web Technologies Notes - TutorialsDuniya.pdf
Web Technologies Notes - TutorialsDuniya.pdfWeb Technologies Notes - TutorialsDuniya.pdf
Web Technologies Notes - TutorialsDuniya.pdfRaghunathan52
 
Web Technologies Notes - TutorialsDuniya.pdf
Web Technologies Notes - TutorialsDuniya.pdfWeb Technologies Notes - TutorialsDuniya.pdf
Web Technologies Notes - TutorialsDuniya.pdfRaghunathan52
 
PHP Training: Module 1
PHP Training: Module 1PHP Training: Module 1
PHP Training: Module 1hussulinux
 
internet programming and java notes 5th sem mca
internet programming and java notes 5th sem mcainternet programming and java notes 5th sem mca
internet programming and java notes 5th sem mcaRenu Thakur
 
computer network introduction. psc notes . Assisant professor in cse.
computer network introduction. psc notes . Assisant professor in cse.computer network introduction. psc notes . Assisant professor in cse.
computer network introduction. psc notes . Assisant professor in cse.bushraphd2022
 
Introduction To Web (Mukesh Patel)
Introduction To Web (Mukesh Patel)Introduction To Web (Mukesh Patel)
Introduction To Web (Mukesh Patel)Tirthesh Ganatra
 

Ähnlich wie HTTP request and response (20)

HTTP
HTTPHTTP
HTTP
 
Hypertex transfer protocol
Hypertex transfer protocolHypertex transfer protocol
Hypertex transfer protocol
 
HTTPProtocol HTTPProtocol.pptHTTPProtocol.ppt
HTTPProtocol HTTPProtocol.pptHTTPProtocol.pptHTTPProtocol HTTPProtocol.pptHTTPProtocol.ppt
HTTPProtocol HTTPProtocol.pptHTTPProtocol.ppt
 
KMUTNB - Internet Programming 2/7
KMUTNB - Internet Programming 2/7KMUTNB - Internet Programming 2/7
KMUTNB - Internet Programming 2/7
 
Ch2 the application layer protocols_http_3
Ch2 the application layer protocols_http_3Ch2 the application layer protocols_http_3
Ch2 the application layer protocols_http_3
 
Http_Protocol.pptx
Http_Protocol.pptxHttp_Protocol.pptx
Http_Protocol.pptx
 
Web Technologies Notes - TutorialsDuniya.pdf
Web Technologies Notes - TutorialsDuniya.pdfWeb Technologies Notes - TutorialsDuniya.pdf
Web Technologies Notes - TutorialsDuniya.pdf
 
Web Technologies Notes - TutorialsDuniya.pdf
Web Technologies Notes - TutorialsDuniya.pdfWeb Technologies Notes - TutorialsDuniya.pdf
Web Technologies Notes - TutorialsDuniya.pdf
 
PHP Training: Module 1
PHP Training: Module 1PHP Training: Module 1
PHP Training: Module 1
 
Webbasics
WebbasicsWebbasics
Webbasics
 
Www and http
Www and httpWww and http
Www and http
 
internet programming and java notes 5th sem mca
internet programming and java notes 5th sem mcainternet programming and java notes 5th sem mca
internet programming and java notes 5th sem mca
 
www and http services
www and http serviceswww and http services
www and http services
 
Application layer
Application layerApplication layer
Application layer
 
Starting With Php
Starting With PhpStarting With Php
Starting With Php
 
Www and http
Www and httpWww and http
Www and http
 
computer network introduction. psc notes . Assisant professor in cse.
computer network introduction. psc notes . Assisant professor in cse.computer network introduction. psc notes . Assisant professor in cse.
computer network introduction. psc notes . Assisant professor in cse.
 
Restful web services
Restful web servicesRestful web services
Restful web services
 
IP UNIT 1.pptx
IP UNIT 1.pptxIP UNIT 1.pptx
IP UNIT 1.pptx
 
Introduction To Web (Mukesh Patel)
Introduction To Web (Mukesh Patel)Introduction To Web (Mukesh Patel)
Introduction To Web (Mukesh Patel)
 

Kürzlich hochgeladen

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 

Kürzlich hochgeladen (20)

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 

HTTP request and response

  • 2. HTTP Generic Message ● All of the communication between devices using the Hypertext Transfer Protocol takes place via HTTP messages. ● There are only two types of HTTP messages : requests and responses. ● HTTP messages are text-based and loosely based on RFC 822 and 2822 message standards, and MIME standards.
  • 3. HTTP Generic Message Format The HTTP generic message format is as follows: <start-line> <message-headers> <empty-line> [<message-body>] [<message-trailers>]
  • 4. HTTP Generic Message Format <start-line> The start line is a special text line that conveys the nature of the message. In a request, this line indicates the nature of the request, in the form of a method, as well as specifying a URI to indicate the resource that is the object of the request. Responses use the start line to indicate status information in reply to a request. <message-headers> There are many dozens of message headers defined in HTTP, which are organized into groups by function as we will soon see. Almost all of these are optional; the one exception is the Host header, which must be present in each request in HTTP/1.1. Headers may be sent in any order, and all follow the same header format used in e-mail messages: <header-name>: <header-value>
  • 5. HTTP Generic Message Format [<message-body>] The message body is optional, because it is only needed for certain types of messages. It may carry a set of information to be communicated between the client and server, such as a detailed error message in a response. More commonly, when present, it carries a file or other resource, which is formally called an entity in the HTTP standard. Entities are most often found in the body of a response message, since most client requests ask for a server to send a file or other resource. However, they can also be found in certain requests.
  • 6. HTTP Generic Message Format [<message-trailers>] HTTP/1.1 uses persistent connections by default, so messages are sent in a steady stream from client to server and server to client. This requires that some means be used to mark where one message ends and the next begins, which is usually accomplished in one of two ways. ● The first is using a special header that indicates the length of the message so the receiving device knows when the entire message has been received. ● The second is a method called “chunking”, where a message is broken into pieces for transmission and the length of each piece indicated in the message body. When chunking is done, a set of message trailers may follow the body of the message. Trailers are in fact the same as headers except for their position in the file, but may only be used for entity headers.
  • 7. Request Format HTTP requests use a message format that is based on the generic message format, but specific to the needs of requests. <request-line> <general-headers> <request-headers> <entity-headers> <empty-line> [<message-body>] [<message-trailers>]
  • 8. Request Format Request Line Format : <METHOD> <request-uri> <HTTP-VERSION> Example - GET /login HTTP/1.1 ● Method - The type of action that the client wants the server to take. ● Request URI - Uniform Resource Identifier ● HTTP Version - Tells the server what version of HTTP is the client using. Headers : ● General Headers ○ These refer mainly to the message itself, instead of it’s contents. ○ They are used to control its processing or provide the recipient with extra information. ● Request Headers ○ Contain information about the nature of the client’s request. They give client more control over how the request is to be handled. ○ Format, encodings etc. ● Entity Headers ○ They describe the entity contained in the body of the request, if any.
  • 9. Response Format HTTP responses use a message format that is based on the generic message format, but specific to the needs of responses. <status-line> <general-headers> <response-headers> <entity-headers> <empty-line> [<message-body>] [<message-trailers>]
  • 10. Response Format Status Line Format : <HTTP-VERSION> <status-code> <reason-phrase> Example - HTTP/1.0 200 OK ● HTTP Version - Tells the client what version of HTTP is the server using. ● Status Code - ○ A three-digit number that indicates the formal result that the server is communicating to the client. ○ Intended for the client HTTP implementation to process so the Headers : ● General Headers ○ These refer mainly to the message itself, instead of it’s contents. ● Response Headers ○ They provide additional data that expands upon the summary result information in the status line. ○ The server may also return extra result information in the body of the message, especially when an error occurs, ● Entity Headers ○ They describe the entity contained in the body of the response, if any.
  • 11. What’s in an HTTP Request? Raw Information GET /login HTTP/1.1 Host: 127.0.0.1:5000 Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.106 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 Accept-Encoding: gzip, deflate, sdch Accept-Language: en-US,en;q=0.8
  • 12. What’s in an HTTP Request? Source IP address, port and proxy ● Source IP address and Source port : In order to send the appropriate response back to your computer, the web server necessarily knows your computer's IP address and source port. ● Via and X-Forwarded-For: If the HTTP request includes the header "Via", or "X-Forwarded-For", then that's a strong indication that there is at least one proxy server somewhere along the line.
  • 13. What’s in an HTTP Request? Destination IP address, port, host and protocol ● Destination IP address tells us where the server is located. ● Port tells us which port is being used to contact the server. ● Host - Since many websites can be hosted on a single server, we need this to identify our website. ● Protocol - The HTTP protocol being used. Eg - HTTP/1.1
  • 14. What’s in an HTTP Request? ● Requested URI - This specifies which document is to be retrieved from the website. ● Request method and content - The type of action that the client wants the server to take. Eg - POST, GET. If POST was submitted as request method, then a form is submitted. The contents of this form would appear here.
  • 15. What’s in an HTTP Request? User Agent - The User-Agent header describes your web browser. Typically it contains the browser name and version, your Operating System and version , and possibly additional information. Eg - User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.106 Safari/537.36 Accept Headers - These describe what sort of things the web browser can handle, and what it would prefer to be given if there's a choice. Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 Accept-Encoding: gzip, deflate, sdch Accept-Language: en-US,en;q=0.8
  • 16. What’s in an HTTP Request? Referer: The "referer" header tells the page which document referred the user to it - in essence, if you followed a link to get to this page, it is the URL of the page you came from to get here. Cookie: ● Every time a web server provides you with a response (a page, a graphic, etc), it can send your browser a "cookie". These cookies are small pieces of information which your browser stores, and then sends back to that same web server whenever you subsequently request a document. ● The "contents" of the cookie (the data it contains) can only be made up of whatever information the web server already knew anyway.
  • 17. What’s in an HTTP Request? Connection control Connection: keep-alive Keep-Alive: not present These headers are used to fine- tune the network traffic between you and the web server. They don't tell us much, except a little about the capabilities of your web browser. Cache control Pragma: not present Cache-Control: not present If-Modified-Since: not present These headers control cacheing of the document. By examining them the we can detect if you used your browser's "refresh" button to force the page to reload. For example, Mozilla (Netscape 6) sets "Cache-Control" to "max-age=0" when you use the "reload" button. MSIE 5.5 sets it to "no-cache" if you do a "hard" reload (while holding down the "control" key).
  • 18. What’s in an HTTP Request? Authorisation Username: If you have "logged in" to a web site, your username appears here. This only applies to web sites which use proper HTTP authentication - a "login" window pops up and you get three chances to enter your username and password, otherwise you see a page which says "Authentication Required" or similar. It doesn't apply to web sites where the "login" is a separate page. It's also possible to supply the username and password in the URL you tell your browser to visit - for example, http://user:password@www.example.com/. In that case, the username would appear here too.
  • 19. References ● RFC 2616 - "Hypertext Transfer Protocol -- HTTP/1.1"